Re: Distributed objects: connecting to a process running as root?
- Subject: Re: Distributed objects: connecting to a process running as root?
- From: James Bucanek <email@hidden>
- Date: Sun, 30 Apr 2006 18:45:18 -0700
email@hidden wrote on Monday, May 1, 2006:
>> I just ran another experiment. I created a launchd .plist for my
>> test server and started it using 'sudo launchctl load ...'. The
>> server was running as 'nobody'. My test client could connect, get
>> the vended object, and execute code in the server.
>>
>> I then restarted my computer, letting launchd start an instance of
>> my server at boot time. I again ran my client and it had no problem
>> connecting with the server.
>>
>> To be thorough, I should probably repeat this experiment as a
>> StartupItem in 10.3, but so far I'm not seeing any limitations --
>> at least not in 10.4 and launchd.
>
>Curious. Are you using Mach messaging?
I assume so. I'm using NSConnection's default name server and NSPorts, which I'm told use Mach ports to communicate.
>As someone else noted, you cannot send Mach messages between Mach
>namespaces, and the boot namespace is distinct from that of the
>logged in user(s). You also get a new namespace if you login via
>SSH, I think, so try testing your app that way as well.
That's what I've been told too, which is why I posted the original question.
>My only other thought, not being that familiar with launchd, is that
>perhaps your server isn't really being launched in the boot namespace
>at all, but your user's? Can you connect to the [same] server from
>two different logged in users (i.e. using fast user switching)?
I had launchd start my daemon as "nobody", so that it wouldn't be associated with my login account. launchd most definitely is not running in my user namespace because (at least in Tiger) launchd is what starts the system. OS X doesn't even really begin to run until launchd starts it.
But your questions made me do a few more experiments, and I found some very interesting results. If I start the server in my account then switch to another account, the second account _cannot_ connect to the server. If I have launchd start the server, both my account and the other account can connect to it.
I think what's going on -- and it would be great if someone could confirm this or let me know where it's documented -- is that you cannot see the Mach ports of peer process space. But you can communicate with a process in the parent process space that spawned yours. So an application started by the user can talk to any service that was started by that same user (or in the same "namespace" -- I'm still not entirely sure what the scope of that is), or it can talk to any service in the super processes that started the user processes. But it can't connect with a server started by another user.
Which really makes a lot of sense. I've always wondered how *anything* could get done if processes in two "mach namespaces" weren't allowed to communicate with each other. This also alleviates the problem of name space collision between different users, which was another thing I was worried about.
--
James Bucanek
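
A minimal harness for repeating the visibility test described in this message, as an added example that is not the poster's code. The service name `com.example.DOVisibilityTest`, the `WhoAmI` protocol, the file name and the `server` argument are assumptions made for illustration. Start the server once from a login session and once from a launchd job, then run the client from each user session to see where the name resolves.

```objective-c
// Added example, not from the original thread. Hypothetical file name dotest.m:
//   clang -framework Foundation dotest.m -o dotest
// NSConnection is deprecated in current macOS SDKs, so expect warnings.
#import <Foundation/Foundation.h>
#import <string.h>
#import <unistd.h>

// Hypothetical service name, chosen for this example only.
static NSString * const kServiceName = @"com.example.DOVisibilityTest";

@protocol WhoAmI
- (NSString *)identity;
@end

@interface Server : NSObject <WhoAmI>
@end

@implementation Server
// Reports which process and user actually answered the call.
- (NSString *)identity {
    return [NSString stringWithFormat:@"server pid=%d uid=%d", getpid(), getuid()];
}
@end

int main(int argc, const char *argv[]) {
    @autoreleasepool {
        if (argc > 1 && strcmp(argv[1], "server") == 0) {
            // Vend the object under a name in this process's bootstrap namespace.
            NSConnection *conn = [NSConnection defaultConnection];
            [conn setRootObject:[[Server alloc] init]];
            if (![conn registerName:kServiceName]) {
                NSLog(@"registerName failed for %@", kServiceName);
                return 1;
            }
            NSLog(@"vending %@ as uid=%d", kServiceName, getuid());
            [[NSRunLoop currentRunLoop] run];
            return 0;
        }
        // Client: host:nil restricts the lookup to the local machine.
        NSDistantObject *proxy =
            [NSConnection rootProxyForConnectionWithRegisteredName:kServiceName host:nil];
        if (proxy == nil) {
            NSLog(@"uid=%d: %@ is not visible from this session", getuid(), kServiceName);
            return 2;
        }
        [proxy setProtocolForProxy:@protocol(WhoAmI)];
        NSLog(@"uid=%d reached %@", getuid(), [(id<WhoAmI>)proxy identity]);
    }
    return 0;
}
```

Where the client in a second account reaches a server started by launchd, every method on the vended root object is callable from that account, so the root object should expose only what any local user may invoke.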